upgrade cloudhsm-cleanup tools to AWS CloudHSM v5 (#973) #33

	name: Deploy
	on:
	workflow_dispatch:
	push:
	branches:
	- main
	tags:
	- '[0-9]+.[0-9a-z]+.[0-9a-z]+'

	jobs:
	docker:
	name: Docker Images
	runs-on: ubuntu-22.04
	environment: build
	permissions:
	contents: read
	id-token: write
	steps:
	- name: Clone repository
	uses: actions/checkout@v4

	- name: Setup Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Docker Metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: \|
	${{ vars.DOCKERHUB_REPO }}
	${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.GCP_PROJECT_ID }}/${{ vars.GAR_REPOSITORY}}/autograph
	tags: \|
	type=semver,pattern={{raw}}
	type=raw,value=latest,enable={{is_default_branch}}

	- name: Generate version.json
	shell: bash
	run: make generate

	- id: gcp-auth
	uses: google-github-actions/auth@v2
	with:
	token_format: 'access_token'
	service_account: artifact-writer@${{ vars.GCP_PROJECT_ID}}.iam.gserviceaccount.com
	workload_identity_provider: ${{ vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER }}

	- name: Login to Google Artifact Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ vars.GAR_LOCATION }}-docker.pkg.dev
	username: oauth2accesstoken
	password: ${{ steps.gcp-auth.outputs.access_token }}

	- name: Login to Dockerhub
	uses: docker/login-action@v3
	with:
	username: ${{ vars.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}

	- name: Build and push
	uses: docker/build-push-action@v6
	with:
	push: ${{ github.event_name != 'pull_request' }}
	sbom: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	context: .

Provide feedback